package com.demo.springcloud.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    /**
     * 默认情况下添加SpringSecurity依赖的应用每个请求都需要添加CSRF token才能访问，
     * Eureka客户端注册时并不会添加，所以需要配置/eureka/**路径不需要CSRF token。
     * @param httpSecurity
     * @throws Exception
     */
    @Override
    protected  void configure(HttpSecurity httpSecurity)throws Exception{
        httpSecurity.csrf().ignoringAntMatchers("/eureka/**");
        super.configure(httpSecurity);
    }
}
